Описание
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| wget | unfixed | package | ||
| wget | postponed | trixie | package | |
| wget | postponed | bookworm | package | |
| wget | no-dsa | bullseye | package | |
| wget | no-dsa | buster | package | |
| wget | postponed | stretch | package |
Примечания
https://mail.gnu.org/archive/html/bug-wget/2021-02/msg00002.html
https://savannah.gnu.org/bugs/?56909
Связанные уязвимости
CVSS3: 6.1
ubuntu
почти 5 лет назад
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
CVSS3: 6.5
redhat
больше 6 лет назад
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
CVSS3: 6.1
nvd
почти 5 лет назад
GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.
